dropbear - transitional dummy package for dropbear-{run,initramfs}

Property Value
Distribution Ubuntu 18.04 LTS (Bionic Beaver)
Repository Ubuntu Universe amd64
Package name dropbear
Package version 2017.75
Package release 3build1
Package architecture all
Package type deb
Installed size 29 B
Download size 4.77 KB
Official Mirror archive.ubuntu.com
This is a transitional dummy package to get upgrading systems to install the
dropbear-run and dropbear-initramfs packages. It can safely be removed once no
other package depends on it.


Package Version Architecture Repository
dropbear_2017.75-3build1_all.deb 2017.75 all Ubuntu Universe
dropbear - - -


Name Value
dpkg >= 1.17.14
dropbear-initramfs >= 2015.68-1
dropbear-run >= 2015.68-1


Type URL
Binary Package dropbear_2017.75-3build1_all.deb
Source Package dropbear

Install Howto

  1. Update the package index:
    # sudo apt-get update
  2. Install dropbear deb package:
    # sudo apt-get install dropbear




2017-11-21 - Colin Watson <cjwatson@ubuntu.com>
dropbear (2017.75-3build1) bionic; urgency=medium
* Rebuild against libtomcrypt1.
2017-10-22 - Guilhem Moulin <guilhem@debian.org>
dropbear (2017.75-3) unstable; urgency=low
* debian/control:
+ Remove hardcoding of libtomcryptX/libtommathY in dropbear-bin's Depends.
(Closes: #879221.)
+ Bump Standards-Version to 4.1.1.  Changes:
- Replace dropbear's Priority from extra to optional (inherited from
source package paragraph).
2017-08-08 - Guilhem Moulin <guilhem@debian.org>
dropbear (2017.75-2) unstable; urgency=low
* dropbear-initramfs:
+ init-bottom script: in the init-bottom script, send a SIGTERM to all
process groups the leader of which is a child of the dropbear process,
to ensure that all children of all SSH sessions are terminated (before
dropear itself is killed).
+ postinst: don't print the reminder to check "ip=" boot parameter if it's
already found in /proc/cmdline.
+ premount script: log to standard error if the 'debug' environment
variable is set.
+ premount script: boot method (local or NFS) is in environment variable
'BOOT' not 'boot'.
+ On local mounts, don't bring down the network before dropbear was
terminated (at init-bottom stage, not at local-bottom stage).  Bringing
down the network while an SSH session is still active makes clients hang
until the connection times out.
+ init-bottom script: log which network interfaces are being brought down.
+ init-bottom script: replace xargs(1) with a while loop as it's
apparently not included in Ubuntu's busybox.  (LP: #1652091)
+ Compile with '--disable-bundled-libtom' to use system libtomcrypt /
libtommath.  (Closes: #870035)
* debian/control: bump Standards-Version to 4.0.0 (no changes necessary).
* debian/{control,dropbear-bin.install,dropbear-bin.manpages}: apply
2017-06-17 - Guilhem Moulin <guilhem@debian.org>
dropbear (2017.75-1) unstable; urgency=medium
* New upstream release.  Remove quilt patches CVE-2017-9078 and
CVE-2017-9079, previously backported from 2017.75 to 2016.74-5.
2017-05-19 - Guilhem Moulin <guilhem@debian.org>
dropbear (2016.74-5) unstable; urgency=high
* Backport security fixes from 2017.75 (closes: #862970):
- CVE-2017-9078: Fix double-free in server TCP listener cleanup
A double-free in the server could be triggered by an authenticated user
if dropbear is running with -a (Allow connections to forwarded ports
from any host) This could potentially allow arbitrary code execution as
root by an authenticated user.
- CVE-2017-9079: Fix information disclosure with ~/.ssh/authorized_keys
Dropbear parsed authorized_keys as root, even if it were a symlink. The
fix is to switch to user permissions when opening authorized_keys
A user could symlink their ~/.ssh/authorized_keys to a root-owned file
they couldn't normally read. If they managed to get that file to contain
valid authorized_keys with command= options it might be possible to read
other contents of that file.
This information disclosure is to an already authenticated user.
2017-05-14 - Guilhem Moulin <guilhem@guilhem.org>
dropbear (2016.74-4) unstable; urgency=medium
* Also trigger maintainer scripts when upgrading from dropbear
2014.65-1+deb8u1, by changing the upper bound from 2014.65-1 to
2015.68-1~.  (Closes: #862544)
2017-04-16 - Guilhem Moulin <guilhem@guilhem.org>
dropbear (2016.74-3) unstable; urgency=high
* debian/copyright: add missing paragraphs to match upstream's LICENSE file.
(Closes: #860406.)

See Also

Package Description
drpython_3.11.4-1.1_all.deb simple and customizable editor for the Python language
drraw_2.2b2-4_all.deb simple web based presentation front-end for RRDtool
drslib_0.3.0a3-5build1_all.deb Command-line tools for the Data Reference Syntax library
drumgizmo_0.9.14-3_amd64.deb Audio sampler plugin and stand-alone app that simulates a real drum kit
drumkv1-common_0.8.6-1_amd64.deb old-school drum-kit sampler - common files
drumkv1-lv2_0.8.6-1_amd64.deb old-school drum-kit sampler - lv2-plugin
drumkv1_0.8.6-1_amd64.deb old-school drum-kit sampler - standalone
drumstick-tools_0.5.0-4_amd64.deb Qt4/C++ wrapper for ALSA Sequencer - utilities
dsdp-doc_5.8-9.4_all.deb Software for Semidefinite Programming
dsdp_5.8-9.4_amd64.deb Software for Semidefinite Programming
dsh_0.25.10-1.3_amd64.deb dancer's shell, or distributed shell
dsniff_2.4b1+debian-28.1~build1_amd64.deb Various tools to sniff network traffic for cleartext insecurities
dspdfviewer_1.15.1-1build1_amd64.deb Dual-Screen PDF Viewer for LaTeX-beamer
dssi-dev_1.1.1~dfsg0-1build2_all.deb Header file for compiling DSSI plugins and hosts
dssi-example-plugins_1.1.1~dfsg0-1build2_amd64.deb Examples of DSSI plugin